Virtual Routing and Forwarding - Full Implementation

Full Implementation

The scaling limitations of VRF Lite are resolved by the implementation of IPVPNs. In this implementation, a core backbone network is responsible for the transmission of data across the wide area between VRF instances at each edge location. IPVPNs have been traditionally deployed by carriers to provide a shared wide-area backbone network for multiple customers. They are also appropriate in large enterprise, multi-tenant and shared data centre environments.

In a typical deployment, Customer Edge (CE) routers handle local routing in a traditional fashion and disseminate routing information into Provider Edge (PE) where the routing tables are virtualised. The PE router then encapsulates the traffic, marks it to identify the VRF instance, and transmits it across the provider backbone network to the destination PE router. The destination PE router then decapsulates the traffic and forwards it to the CE router at the destination. The backbone network is completely transparent to the customer equipment, allowing multiple customers or user communities to utilize the common backbone network while maintaining end-to-end traffic separation.

Routes across the provider backbone network are maintained using an Interior Gateway Protocol - typically IBGP. IBGP uses extended community attributes in a common routing table to differentiate the customers' routes with overlapping IP addresses.

IPVPN is most commonly deployed across a Multi-protocol Label Switching (MPLS) backbone as the inherent labelling of packets in MPLS lends itself to the identification of the customer VRF. Some IPVPN implementations (notably Nortel's IP-VPN Lite) utilize a simpler IP-in-IP encapsulation over a pure IP backbone, eliminating the need to maintain and support an MPLS environment.